Question

我用Thymeleaf + spring-boot创建小项目。

现在我遇到了问题：sec：authorize =＆＃34; isAuthenticated（）＆＃34;和sec：authorize =＆＃34; isAnonymous（）＆＃34;为错误页面返回false。结果，这两个部分的内容都被隐藏了。

我的项目依赖项：

<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>1.5.10.RELEASE</version>
    <relativePath/>
</parent>

<properties>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
    <java.version>1.8</java.version>
</properties>

<dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-thymeleaf</artifactId>
    </dependency>

    <dependency>
        <groupId>org.thymeleaf.extras</groupId>
        <artifactId>thymeleaf-extras-springsecurity4</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-jpa</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-devtools</artifactId>
        <scope>runtime</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-test</artifactId>
        <scope>test</scope>
    </dependency>

    <dependency>
        <groupId>org.postgresql</groupId>
        <artifactId>postgresql</artifactId>
        <version>42.2.1</version>
    </dependency>

</dependencies>

我的html页面：

<div sec:authorize="isAuthenticated()">
                <span class="navbar-text text-success"> <i class="fas fa-user fa-lg"></i>
                    <span sec:authentication="name"></span> </span>

                <a class="header-btn"  th:href="@{/logout}">
                    <i class="fas fa-sign-out-alt fa-lg"></i> Sign Out
                </a>

            </div>
            <div sec:authorize="isAnonymous()">
                <span class="navbar-text text-success"><i class="fas fa-user-secret fa-lg"></i> Anonymous</span>

                <a class="header-btn" th:href="@{/login}">
                    <i class="fas fa-sign-in-alt fa-lg"></i> Sign In
                </a>
            </div>

在我的情况下，对于像403或404这样的错误页面都隐藏了div。需要改变什么才能让它开始正常工作？

Answer 1

就我而言，我将以下内容添加到application.properties：

security.filter-dispatcher-types=ASYNC, FORWARD, INCLUDE, REQUEST, ERROR

...并重新启动应用程序。安全上下文现在可以在我的错误页面上找到。

秒：授权=＆＃34; isAuthenticated（）＆＃34;和sec：authorize =＆＃34; isAnonymous（）＆＃34;不会在错误页面上工作

1 个答案: